diff options
| author | Dave Watson <davejwatson@fb.com> | 2019-01-30 21:58:31 +0000 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-02-01 15:00:55 -0800 |
| commit | 130b392c6cd6b2aed1b7eb32253d4920babb4891 (patch) | |
| tree | 99a8b337cdf5fcb3f23374b3100ed8e3ea295e19 /net/tls/tls_device_fallback.c | |
| parent | fedf201e12960bd2fab0596422851b20a8d80d20 (diff) | |
| download | linux-stable-130b392c6cd6b2aed1b7eb32253d4920babb4891.tar.gz linux-stable-130b392c6cd6b2aed1b7eb32253d4920babb4891.tar.bz2 linux-stable-130b392c6cd6b2aed1b7eb32253d4920babb4891.zip | |
net: tls: Add tls 1.3 support
TLS 1.3 has minor changes from TLS 1.2 at the record layer.
* Header now hardcodes the same version and application content type in
the header.
* The real content type is appended after the data, before encryption (or
after decryption).
* The IV is xored with the sequence number, instead of concatinating four
bytes of IV with the explicit IV.
* Zero-padding: No exlicit length is given, we search backwards from the
end of the decrypted data for the first non-zero byte, which is the
content type. Currently recv supports reading zero-padding, but there
is no way for send to add zero padding.
Signed-off-by: Dave Watson <davejwatson@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls/tls_device_fallback.c')
| -rw-r--r-- | net/tls/tls_device_fallback.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c index 450a6dbc5a88..54c3a758f2a7 100644 --- a/net/tls/tls_device_fallback.c +++ b/net/tls/tls_device_fallback.c @@ -73,7 +73,8 @@ static int tls_enc_record(struct aead_request *aead_req, len -= TLS_CIPHER_AES_GCM_128_IV_SIZE; tls_make_aad(aad, len - TLS_CIPHER_AES_GCM_128_TAG_SIZE, - (char *)&rcd_sn, sizeof(rcd_sn), buf[0]); + (char *)&rcd_sn, sizeof(rcd_sn), buf[0], + TLS_1_2_VERSION); memcpy(iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, buf + TLS_HEADER_SIZE, TLS_CIPHER_AES_GCM_128_IV_SIZE); |